PT-2024-7444 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.07.3 Description: The issue is related to path traversal errors in the handling of relative directory paths, which could allow a remote attacker to disclose protected information using server backups...

U.S. Dept Of Defense: Directory Indexing on the ████ (https://████/) leads to the backups disclosure and credentials leak

Description During poking around █████████/24 range - █████ looking for the Cisco devices, I came across █████ which resolved to the https://██████/ While it's a not .mil host, it's likely related to the DoD since it hosted in the DoD-controlled ASN. I discovered few critical vulnerabilities here...